Barracuda Blocking Single User's Internet Traffic

Nov 26, 2012, 9:42 PM -06:00

A customer was unable to connect to the internet after returning from a trip. There was a plethora of items checked in trying to resolve the issue. Initially it looked like just a single client issue because all the other users could access the internet. It was discovered that the Barracuda Web Filter was not authenticating new users to the DC. The traffic showed in the weblog but only under the IP without a username and was always blocked. If an IP exclusion was added to the Barracuda, internet would work.

A new IP was requested from DHCP and internet worked. The traffic showed the right IP but a different user name. I requested a different IP and internet stopped working and weblog showed traffic was blocked with no username. It was realized that the Barracuda was working from cached settings.

I came upon the Account View under the Users/Groups tab. It contains a list of usernames and IPs associated with those users. The user in question was not listed. I click logout next to Conetrix’s administrator account and could no longer access internet from any system. I checked the authentication and LDAP showed to be working; however, the DC Agent showed a status of unavailable "red". I checked the DC agent on DC1 and it was stopped. I restarted the service and still could not access internet. I initiated a sync from the Barracuda and still nothing. I then opened the DC agent on DC1 and initiated a sync from the utility and then was able to access internet from the user’s PC. The only reason users could still access the internet was because of the cached accounts in the Barracuda. Had I logged all the cached accounts out no one could have accessed the internet while the DC Agent was down.